Secure Chat with YTalk and SSH

Security and trust have always been big issues to me. I still remember
my early days on the Internet. My ISP had 33.6 modems and no load
balancing. Many of the customers had comparable modems but little old me
had only a 14.4; consequently, I had somewhat reduced bandwidth. I was
thrilled when I discovered that sending a ping flood to a certain port on
the Win95 machines resulted in my having an "improved" Internet
experience.

One day I realized that I might want to chat with my buddies,
coworkers, and fellow conspirators securely without depending on 3rd party
commercial utilities. Maybe there were firewalls that I needed to get
through where server security was at a premium. I wanted to discuss the
issues of the day with a small group of like-minded people with little
system overhead using standard Unix utilities.

I settled on two pieces of technology: YTalk and SSH.

Under normal conditions, when everybody trusts everybody else, YTalk,
talk, ntalk, et cetera will work without any problems. Alas, I found the
real world a little more difficult and disappointing. It turned out my
buddies couldn't reach me because of firewalls. Either their firewall
rules would block the UDP connection or my firewall rules would stop
it. Then there was the issue of corporate firewalls and even the ISP who
sometimes played the big brother by blocking certain ports for the
protection of our Windows brethren. Rather than taking the time to reset
my firewall to better rules and hoping my buddies could take the same
effort for theirs, I opted for another approach: remote logging with SSH
and using guest accounts expressly setup for the purpose.

YTalk is a multi-user chat program that has been around on the Unix
systems for a number of years now. Its strength lies in its ability to
interface with both talk and ntalk, Unix-based daemons permitting more
that two parties to talk at the same time.

Here is the ytalk command:

ytalk [-x] [-s] [-Y] [-i] [-h hostname_or_ip] username...

It accepts multiple usernames. They can take many forms:

name format

explanation

name

some user on your machine

name@host

some user on a different machine

name#tty

some user on a particular terminal

name#tty@host

some user on a particular tty on a different machine

name@host#tty

same as name#tty@host

aliasname

an alias defined in your .ytalkrc

SSH, the secure shell, is the standard method to do remote logins by
applying encryption so that third parties can't see or manipulate your
activities.

Both YTalk and SSH have both what are called servers and clients. You
must use a client to contact a specific resident program, or server, on
another machine. Once you, the client, are in communication with the
server you can then communicate with other users.

As there's more than one way to skin a cat, so too are there many ways
of secure communication with YTalk and SSH.

Here's how I went about to make all the fun stuff happen:

Getting It to Work

I started off with the simplest implementation i.e. just getting
online with a tty console. The advantage here is that all you
really need to make this work is an SSH client and an existing account on
the talk server. This is great for people on non-Unix platforms.

Assume the following:

You want to contact another person using an encrypted tunnel.

You are both using a text console (i.e., no graphic environment for
now).

Both of you have an account on a machine called www.munchies.org.

Your account's name is salt.

His account's name is vinegar.

Type the following:

ssh -l salt@www.munchies.org

The server responds by asking for a password. After typing it in,
voila, you're logged in over an encrypted tunnel.

Now type

ytalk -x vinegar@ www.munchies.org.

The x option is used to disable X11 interface. My
personal preference is working with consoles in the X11 environment. We'll
look at the other available configuration options later. If all goes well
then this is what you will see: